Xyne commented on 2016-06-11 18:04

The values in the PKGBUILD are up-to-date. I have no idea where 2071B08A33BD3F06 came from. Building the package with the current PKGBUILD works as expected here. I would be very wary if a signature from an unknown key was downloaded instead of the expected one. Are you in a country that is likely to intercept web traffic and inject content?

gubz commented on 2016-02-25 09:41

New version 1.4.20 is out. Change SHA1 to cbc9d960e3d8488c32675019a79fbfbf8680387e

Xyne commented on 2015-08-10 23:34

As most users are likely not using this package exclusively with TOR I have not enabled those options by default. I have, however, added them to the PKGBUILD to make users aware of them. TOR users can easily edit the PKGBUILD before building.

unhammer commented on 2013-09-06 09:11

You might want to add
sha1sums=('6202181ba2871fb3448c751a573b4ae0c4770806')
since this is what gnupg.org's download page uses: http://gnupg.org/download/integrity_check.en.html
(and since the download link is non-https for an encryption program =P)

Xyne commented on 2012-11-10 03:00

Ok, updated to an HTTP mirror.
I didn't bump the release number because the resulting package is the same.

dlin commented on 2012-11-08 06:17

Sorry, that's not automatic, but, it is http based (friendly behind firewall)